1996-01-08 - Re: Certificates: limiting your liability with reuse limitations

Header Data

From: Adam Shostack <adam@lighthouse.homeport.org>
To: cypherpunks@toad.com
Message Hash: 0a37054ed53904ebc38d846ac54c5811e9fe5fc02306c59d56a0f44cf70ef923
Message ID: <199601082339.SAA27242@homeport.org>
Reply To: <199601082310.SAA27803@thor.cs.umass.edu>
UTC Datetime: 1996-01-08 23:42:46 UTC
Raw Date: Tue, 9 Jan 1996 07:42:46 +0800

Raw message

From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 9 Jan 1996 07:42:46 +0800
To: cypherpunks@toad.com
Subject: Re: Certificates: limiting your liability with reuse limitations
In-Reply-To: <199601082310.SAA27803@thor.cs.umass.edu>
Message-ID: <199601082339.SAA27242@homeport.org>
MIME-Version: 1.0
Content-Type: text


A. Michael Froomkin writes:
> I know I can put an expiration date on the certificate, but that's not
> enough.  I can accumulate a lot of exposure in a few seconds, much less
> weeks.
>
> I know I can put a reliance limit in the X.509 ver 3 certificate, but
> that's not enough.  Even a $1 limit could be used many millions of times.
>
> Is it feasabile to say: Can only be relied on once per day/week/month?

	Undeniable digital signatures.  They're not 'undeniable'
differently from normal digital signatures, but they do require the
cooperation of the signer to confirm the signature.  Thus, a KCA could
decide only to verify a signature 50 times, or once per day (or once
per being paid the $10 signature verification fee.)

	Schneier has a decent amount on undeniable digital signatures.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






Thread